1

I have a SOAP web service I am providing on a apache web server. There are 6 different clients (IPs) that request data and 3 of them are hitting the wrong domain. I am trying to find a way to log which domain name the requests are coming from.

Details:

ServerA is the primary

ServerB is the backup

domain1.com - the domain the web service is on

domain2.com - a seperate domain that server seperate content on ServerB

ServerA is standalone for now with its own IP and DNS from domain1.com. This works for everyone.

ServerB is a backup for the web service, but it already hosts domain2.com.

I added entries into the apache configuration file like:

<VirtualHost *:443>

ServerName domain2.com

DocumentRoot /var/www/html/

CustomLog logs/access_log_domain2443 common
ErrorLog logs/ssl_error_log_domain2443
LogLevel debug

SSLEngine on

... etc SSL directives ...

</VirtualHost>

I have these for both 80 and 443 for domain1 and domain2 with domain1 being second.

The problem is when we switch DNS for domain1 from ServerA to ServerB, 3 out of the 6 clients show up in the debug logs as hitting domain2.com instead of domain1.com and fail their web service request because domain2.com is first in the apache configuration file and catching all requests that don't match other virtualhosts, namely domain1.com.

I don't know if they are hitting www.domain1.com, domain1.com (although I added entries for both) or using the external IP address or something else. Is there a way to see which URL they are hitting not just the page request or someother way to see why the first domain is catching traffic meant for the second listed domain?

In the meantime, I've put domain1.com higher in the apache configuration than domain2.com. Now it catches the requests for all clients and works, however I don't know what it is catching and would like to make domain2.com the first entry again with a correct entry for domain1.com, for however they are hitting it.

Thank you for your help! Andrew

apuschak
  • 11
  • 2

1 Answers1

0

Did you check your apache access.log, Try this to get more detailed log:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog log/access_log combined

For more details : http://httpd.apache.org/docs/2.2/en/logs.html Hope it helped you

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
sys0dm1n
  • 111
  • 3
  • Thank you, sorry this has been a while but I couldn't get it to work and now the issue has come up again. I did try the custom logging and thought I didn't set it up right. I just tried the specific CustomLog logs/referer_log "%{Referer}i -> %U" and I get: - -> /somephp.php The requested URL is missing. Even if I just hit the URL myself, I get the request for favicon.ico in the log but no URL just dashes. Does anyone know why this would be missing on a CentOS server with apache? Thanks! – apuschak Apr 01 '13 at 14:32
  • I've gotten it to work with CustomLog logs/443host_log "%{Host}i" which is not on the apache logs documentation page. It gives me the URL the xml web services are hitting, which are all the same and match my ServerName. So it still doesn't explain why the service works when this domain is first and doesn't work when the domain is second in the configuration. – apuschak Apr 01 '13 at 18:28
  • Still poking around, I find SNI a possibility. http://serverfault.com/questions/109800/multiple-ssl-domains-on-the-same-ip-address-and-same-port looking at @Michael-Hampton's answer. Its very possible 3 clients are running older systems that do not support it, such as Windows XP and that explains why they hit the first domain but other clients get to the correct domain with the VirtualHost. I'll leave it at this for now and try to think of a way to test if this is the case. – apuschak Apr 01 '13 at 19:14
  • Huh? I have nothing to do with this answer. – Michael Hampton Apr 01 '13 at 19:17
  • referencing your answer about Server Name Indication on the question http://serverfault.com/questions/109800/multiple-ssl-domains-on-the-same-ip-address-and-same-port since it may be related. – apuschak Apr 01 '13 at 19:25